CVE-2024-58015

HIGH

Linux Kernel 6.3-6.13.2 - Out-of-Bounds Read in WiFi ath12k Selfgen Stats Buffer

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix for out-of bound access error Selfgen stats are placed in a buffer using print_array_to_buf_index() function. Array length parameter passed to the function is too big, resulting in possible out-of bound memory error. Decreasing buffer size by one fixes faulty upper bound of passed array. Discovered in coverity scan, CID 1600742 and CID 1600758

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/8700c4bf8b7ed98037d2acf1eaf770ad6dd431d4

Patch

https://git.kernel.org/stable/c/eb8c0534713865d190856f10bfc97cf0b88475b1

Scores

CVSS v3 7.1

EPSS 0.0016

EPSS Percentile 6.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Details

CWE

CWE-125

Status published

Products (8)

linux/Kernel 6.3.0 - 6.13.3linux

Linux/Linux < 6.3

Linux/Linux 6.13.3 - 6.13.*

Linux/Linux 6.14

Linux/Linux 6.3

Linux/Linux d889913205cf7ebda905b1e62c5867ed4e39f6c2 - 8700c4bf8b7ed98037d2acf1eaf770ad6dd431d4

Linux/Linux d889913205cf7ebda905b1e62c5867ed4e39f6c2 - eb8c0534713865d190856f10bfc97cf0b88475b1

linux/linux_kernel 6.3 - 6.13.3

Published Feb 27, 2025

Tracked Since Feb 18, 2026